Xupiter.Orbitexplorer Adware

Xupiter.Orbitexplorer virus description
Technical details:
Categories: Adware, BHO, Hijacker, Toolbar
Xupiter.Orbitexplorer Aliases:
[Kaspersky]TrojanDownloader.Win32.Comet;
[Panda]Adware/Comet

Xupiter.Orbitexplorer Folders:
[%PROGRAM_FILES%]\oe
[%PROGRAM_FILES%]\orbit
[%PROGRAM_FILES_COMMON%]\oe

Xupiter.Orbitexplorer Files:
[%WINDOWS%]\bobsaver.exe
[%WINDOWS%]\bobsaver.scr
[%SYSTEM%]\redirector.dll
[%WINDOWS%]\downloaded program files\conflict.1\oeloader.dll
[%WINDOWS%]\downloaded program files\conflict.1\oeloader.exe
[%WINDOWS%]\Downloaded Program Files\OELoader.dll
[%WINDOWS%]\downloaded program files\oeloader.exe
[%WINDOWS%]\downloaded program files\oeloader.inf
[%WINDOWS%]\system\redirector.dll

Xupiter.Orbitexplorer Registry Keys:

Xupiter.Orbitexplorer Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\shellbrowser
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\classes\appid\dmserver.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cc2k
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls


Xupiter.Orbitexplorer indications of infection

The symptoms of a Xupiter.Orbitexplorer infection are the files, registry entries, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also download the free trial version of ExterminateIt! to check your computer right now.
